19a9e808521249e3cf527b632278fac6a9647df29e40241a6370aca0420f524c

Sharing

Copy URL Twitter E-mail

General

Target

19a9e808521249e3cf527b632278fac6a9647df29e40241a6370aca0420f524c
Size

536KB
MD5

6bdffd5700d298d6461a8eae55f1aac0
SHA1

4c19e80117b19ebfa249fb0991e0c03b986ef6f6
SHA256

19a9e808521249e3cf527b632278fac6a9647df29e40241a6370aca0420f524c
SHA512

0cf83bcfb796a0f5e96ea5200ceb9d653bcf0eb8f7d7784c39b33d07bf7f3bd176778fb36893e751754a137bc1899a0b2e3fea62b8b5467bed7793d25054819e
SSDEEP

6144:aXpP/y5d7mEw/oWRd9Plrghb+HBU458pTCXrPUlxZ4LpEFfs6bvWsvu3daqXv93:ayd7mv/oWRdEoHB5+TColxZ4IZ+nFF

Score

N/A

Malware Config

Signatures

Files

19a9e808521249e3cf527b632278fac6a9647df29e40241a6370aca0420f524c
.exe windows x86

40f79c3482016a729d10704a0d44f09b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColor
LoadAcceleratorsA
GetSysColorBrush
PostQuitMessage
DefWindowProcA
SendMessageA
GetClientRect
ReleaseDC
GetLastActivePopup
InvalidateRect
SetTimer
InsertMenuA
GetWindow
DestroyWindow
CharNextA
PtInRect
LoadIconA
MessageBoxA
BringWindowToTop
SetMenuDefaultItem
DrawFocusRect
DestroyIcon
DrawTextA
RegisterClassExA
FillRect
ReleaseCapture
LoadImageA
GetDesktopWindow
IsChild
LoadStringA
LoadBitmapA
GetParent
DrawStateA
GetDlgItem
GetSubMenu
CharUpperA
GetWindowThreadProcessId
RegisterClassA
TrackPopupMenu
GetMessageA
GetClipboardData
CreateWindowExA
SetRect
GetIconInfo
ShowWindow
MessageBeep
OffsetRect
SetWindowTextA
SetForegroundWindow

comctl32

ImageList_Create
ord17
ImageList_Draw
InitCommonControlsEx

shell32

ord155
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetSpecialFolderPathA

advapi32

AllocateAndInitializeSid
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
RegCloseKey
OpenSCManagerA
RegEnumKeyA
OpenProcessToken
RegCreateKeyA

ole32

CoGetClassObject
OleIsCurrentClipboard
CoRegisterClassObject
StgOpenStorageOnILockBytes
OleLoad
RegisterDragDrop
CoFreeUnusedLibraries
CoTaskMemFree
OleGetClipboard
WriteClassStg
CoGetMalloc
CLSIDFromString
CreateStreamOnHGlobal
CreateItemMoniker
IsAccelerator
CoInitialize
DoDragDrop
CoTaskMemAlloc
CreateBindCtx
CoLockObjectExternal
OleUninitialize
CreateILockBytesOnHGlobal
OleDuplicateData
OleCreateMenuDescriptor
CoCreateInstance
CLSIDFromProgID
CreateOleAdviseHolder
OleInitialize
OleTranslateAccelerator
OleLockRunning
OleFlushClipboard
OleRun
RevokeDragDrop
OleDestroyMenuDescriptor
CoRevokeClassObject
OleSetClipboard
ReleaseStgMedium
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
StringFromCLSID
CoInitializeSecurity
OleRegGetUserType

winspool.drv

ord204
DocumentPropertiesA

kernel32

GetTimeZoneInformation
LoadLibraryA
InterlockedExchange
IsValidCodePage
HeapCreate
GetTickCount
GetProcAddress
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
SetLastError
GetStdHandle
GetCommandLineA
GetConsoleOutputCP
GetOEMCP
HeapAlloc
WriteFile
FreeEnvironmentStringsW
VirtualAlloc
GetACP
SetEnvironmentVariableA
RtlUnwind
CloseHandle
GetEnvironmentStringsW
InterlockedIncrement
GetSystemTimeAsFileTime
Sleep
TlsAlloc
WideCharToMultiByte
ReadFile
GetConsoleCP
WriteConsoleA
GetConsoleMode
CreateMutexA
DeleteCriticalSection
GetLocaleInfoA
GetCPInfo
GetVersionExA
HeapFree
HeapSize
UnhandledExceptionFilter
TlsGetValue
GetLastError
GetStartupInfoA
InterlockedDecrement
GetTimeFormatA
GetStringTypeW
GetCurrentThreadId
TlsFree
IsDebuggerPresent
GetCurrentProcess
LeaveCriticalSection
GetDateFormatA
SetStdHandle
CreateFileA
MultiByteToWideChar
VirtualQuery
GetEnvironmentStrings
GetCurrentProcessId
TerminateProcess
LCMapStringA
SetUnhandledExceptionFilter
EnterCriticalSection
GetModuleHandleA
CompareStringA
HeapReAlloc
HeapDestroy
SetHandleCount
TlsSetValue
ExitProcess
LCMapStringW
RaiseException
FreeEnvironmentStringsA
InitializeCriticalSection
GetStringTypeA
WriteConsoleW
CompareStringW
GetProcessHeap
SetFilePointer
FlushFileBuffers
VirtualFree

gdi32

GetStockObject
RealizePalette
SetPixelV
GetObjectA
Escape
GetWindowExtEx
ExtCreatePen
SetTextColor
SetTextAlign
StrokeAndFillPath
SelectPalette
UnrealizeObject
MoveToEx
SetPolyFillMode
GetArcDirection
ExcludeClipRect
SetPixel
GetGlyphOutlineA
GetRgnBox
PtVisible
GetDeviceCaps
PaintRgn
GetCharABCWidthsA
GetBkMode
SetStretchBltMode
OffsetViewportOrgEx
DeleteObject
GetViewportExtEx
FillPath
SelectClipRgn
GetRegionData
Polygon
CreateCompatibleBitmap
GetNearestPaletteIndex
Rectangle
FillRgn
GetViewportOrgEx
StretchBlt
GetTextMetricsA
SetViewportExtEx
MaskBlt
GetObjectType
CreateRoundRectRgn
SetBkMode
LPtoDP
DeleteDC
CreateRectRgnIndirect

wsock32

WSACleanup

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40f79c3482016a729d10704a0d44f09b

Headers

File Characteristics

Imports

user32

comctl32

shell32

advapi32

ole32

winspool.drv

kernel32

gdi32

wsock32

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 272KB - Virtual size: 270KB

.data Size: 76KB - Virtual size: 101KB

.rsrc Size: 76KB - Virtual size: 73KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 272KB - Virtual size: 270KB

.data
Size: 76KB - Virtual size: 101KB

.rsrc
Size: 76KB - Virtual size: 73KB